Recovering Memory Access Sequence with Differential Flush+Reload Attack

  • Zhiwei Yuan
  • Yang LiEmail author
  • Kazuo Sakiyama
  • Takeshi Sugawara
  • Jian Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11125)


Side-channel attacks are effective attacks against modern cryptographic schemes, which exploit the leaking information besides input and output to the algorithm. As one of the cache-based side-channel attacks, Flush+Reload features high resolution, low noise, and virtual machine compatibility. However, a state-of-the-art Flush+Reload attack only reveals whether the memory address is accessed or not. This paper presents differential Flush+Reload attack that can recover the access sequence of memory addresses, which could lead to new vulnerabilities. The idea is to analyze statistical difference among multiple Flush+Reload results. Specifically, we add controlled delay between the start of victim calculation and the memory flush. Multiple Flush+Reload results with different delays are measured to determine the memory access sequence. Under this concept, we demonstrate the details of a successful recovery of T-table access sequences for an AES implementation from MatrixSSL version 3.9.3 on an Intel CPU.


Side-channel Cache attack Differential Flush+Reload Access sequence 



This work was supported by National Natural Science Foundation of China 61602239, Jiangsu Province Natural Science Foundation BK20160808 and JSPS KAKENHI Grant Number JP18H05289.


  1. 1.
    Aciiçmez, O.: Yet another microarchitectural attack: exploiting I-cache. In: Proceedings of the 2007 ACM Workshop on Computer Security Architecture, pp. 11–18. ACM (2007)Google Scholar
  2. 2.
    Bernstein, D.J.: Cache-timing attacks on AES. Vlsi Des. IEEE Comput. Soc. 51(2), 218–221 (2005)MathSciNetGoogle Scholar
  3. 3.
    Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005). Scholar
  4. 4.
    Chen, C., Wang, T., Kou, Y., Chen, X., Li, X.: Improvement of trace-driven I-cache timing attack on the RSA algorithm. J. Syst. Softw. 86(1), 100–107 (2013). Scholar
  5. 5.
    Gullasch, D., Bangerter, E., Krenn, S.: Cache games - bringing access-based cache attacks on AES to practice. In: Security and Privacy (SP), IEEE Symposium on 2011, pp. 490–505. IEEE (2011)Google Scholar
  6. 6.
    Gülmezoğlu, B., İnci, M.S., Irazoqui, G., Eisenbarth, T., Sunar, B.: A faster and more realistic flush+reload attack on AES. In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 111–126. Springer, Cham (2015). Scholar
  7. 7.
    Hu, W.M.: Lattice scheduling and covert channels. In: Proceedings Research in Security and Privacy, 1992 IEEE Computer Society Symposium on 1992. pp. 52–61. IEEE (1992). DOI:
  8. 8.
    Irazoqui, G., Inci, M.S., Eisenbarth, T., Sunar, B.: Wait a minute! A fast, cross-VM attack on AES. In: Stavrou, A., Bos, H., Portokalidis, G. (eds.) RAID 2014. LNCS, vol. 8688, pp. 299–319. Springer, Cham (2014). Scholar
  9. 9.
    Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side channel cryptanalysis of product ciphers. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 97–110. Springer, Heidelberg (1998). Scholar
  10. 10.
    Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). Scholar
  11. 11.
    Koeune, F., Standaert, F.-X.: A tutorial on physical security and side-channel attacks. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2004-2005. LNCS, vol. 3655, pp. 78–108. Springer, Heidelberg (2005). Scholar
  12. 12.
    Moghimi, A., Irazoqui, G., Eisenbarth, T.: CacheZoom: how SGX amplifies the power of cache attacks. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 69–90. Springer, Cham (2017). Scholar
  13. 13.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006). Scholar
  14. 14.
    Page, D.: Theoretical use of cache memory as a cryptanalytic side-channel. IACR Cryptol. Eprint Arch. 2002, 169 (2002)Google Scholar
  15. 15.
    Page, D.: Defending against cache-based side-channel attacks. Inf. Secur. Tech. Rep. 8(1), 30–44 (2003)CrossRefGoogle Scholar
  16. 16.
    Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., Miyauchi, H.: Cryptanalysis of DES implemented on computers with cache. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 62–76. Springer, Heidelberg (2003). Scholar
  17. 17.
    Yarom, Y., Benger, N.: Recovering OpenSSL ecdsa nonces using the flush+reload cache side-channel attack. IACR Cryptol. Eprint Arch. 2014, 140 (2014)Google Scholar
  18. 18.
    Yarom, Y., Falkner, K.: Flush+reload: a high resolution, low noise, l3 cache side-channel attack. In: Usenix Conference on Security Symposium, pp. 719–732 (2014)Google Scholar
  19. 19.
    Zhou, Z., Reiter, M.K., Zhang, Y.: A software approach to defeating side channels in last-level caches. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 871–882. ACM (2016)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Zhiwei Yuan
    • 1
  • Yang Li
    • 2
    Email author
  • Kazuo Sakiyama
    • 2
  • Takeshi Sugawara
    • 2
  • Jian Wang
    • 1
  1. 1.Nanjing University of Aeronautics and AstronauticsNanjingChina
  2. 2.The University of Electro-CommunicationsTokyoJapan

Personalised recommendations